Cisco is a long-time front-runner in delivering cutting-edge firewalls for the broadest possible range of deployments. Cisco's Firepower Next Generation Firewalls represent a modern firewall solution that combines dedicated hardware, cloud services, and machine learning to block, identify, and mitigate cyber attacks automatically. Progent's Cisco-certified CCIE firewall experts can assist your organization to design and carry out an efficient migration to Cisco Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and show you how to enhance Firepower firewalls with Cisco's subscription-based security services to build and centrally manage IT ecosystems that include branch offices, data centers, private clouds and public clouds. Progent can also assist you to maintain and troubleshoot older-generation Cisco security appliances. Progent's certified network security experts can assist you with policy creation and tuning driven by industry best practices in order to establish a consistent cybersecurity profile across all your devices anywhere.
Cisco's Firepower Next Generation Firewall Appliances
Cisco's Firepower Next Generation Firewalls deliver a major performance boost compared to Cisco's previous-generation ASA 5500-X firewalls and offer unified control of advanced security features like application visibility and control, next-generation intrusion protection with intelligent prioritization of risks, advanced malware protection, URL filtering, and sandboxing. For more information about Cisco's Firepower portfolio of NGFWs Firewalls, see Cisco Firepower firewalls integration services.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX firewalls provide integrated firewall, VPN, and intrusion prevention system (IPS) capabilities in single-box packages, delivering a broad range of features to meet the security needs of companies ranging from small businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX firewall appliances allow network security staffs to protect their network edge and offer safe offsite and mobile connectivity while using powerful management tools based on Cisco's world-class firewall technology.
Cisco's ASA 5500 Series and PIX firewall appliances have reached end-of-life (EOL) status but remain commonly deployed in smaller businesses and in a few enterprise data centers. The ASA 5500-X Next-Generation Firewalls represent significantly more bang for the buck and have supplanted Cisco's ASA 5500 and PIX families of firewalls for new deployments. Still, Cisco's older model firewall appliances, if carefully maintained, can deliver a high level of protection by providing a variety of security functions including firewall, IPsec VPN, and IPS.
After Cisco's purchase of Sourcefire, the whole family of Cisco ASA 5500-X devices can be configured to enable Firepower Services, built on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system. Firepower services bring enhanced features such as advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.
Progent's Cisco CCIE-premier network consultants can help your organization to maintain and troubleshoot legacy ASA 5500 Series and PIX firewalls and can also help you to design and carry out a smooth migration to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also help you to plan, configure, optimize, manage and troubleshoot new firewall ecosystems based on Cisco's latest ASA 5500-X firewalls with Firepower Services. Progent's firewall consultants can also help you to migrate from your Cisco ASA 5500-X Series deployment to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive family of ASA 5500-X security appliances includes an improved substitute for each rack-mountable model in the older ASA 5500 line of devices. Each ASA 5500-X model is suited for the same market as the associated previous models, which offers small and midsize businesses plenty of choice for picking a solution that aligns with their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and support Cisco's powerful protection services. All models in Cisco's ASA 5500-X family provide consistent security across any combination of physical, virtual, and cloud deployments.
For more details about ASA 5500-X firewalls, Firepower services, and Progent's support for ASA 5500-X security appliances, see Cisco Firepower configuration and debugging expertise
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances work with either software or physical modules that enable Cisco's Firepower Services, which provide layered defense against multi-vector threats. Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA security appliances include:
Simpler implementations of Cisco ASA 5500-X firewalls can be effectively administered using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool provided with all ASA 5500-X models. ASDM includes a simple web dashboard for deploying, managing, and troubleshooting ASA 5500-X devices and modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower can be administered with Firepower Management Center, implemented as one or more physical units or virtual devices. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Advanced Malware Protection. Due to frequent rebranding since Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under various names including Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center offers features unavailable with Cisco's on-box Adaptive Security Device Manager tool. Additional features include greater context awareness, Cisco's Advanced Malware Protection (AMP) with remediation for user devices, a console that provides dynamic network visualization, automated policy tuning driven by risk assessment of threats, advanced IPS, custom application discovery for Application Visibility and Control, customized health alerts, improved reporting options, and application interfaces for host input and databases. Hardware-dependent capabilities like clustering, stacking, switching, routing, VPN, and NAT must be handled using either the on-device ASDM or the ASA command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco ASA Firewalls build on engineering behind the PIX 500 Series firewall, the IPS 4200 family sensor, and the VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall product line to deliver a firewall that stops the broadest range of threats. Cisco ASA 5500 Series Firewalls provide program security, local containment, and clean VPN functionality throughout the entire product line. This breadth of protection enables defense of any network segment, including the most typical threat conduits such as remote sites, locally-connected inside users, and remote connected VPNs.
Cisco ASA firewalls provide a high-level of application protection via smart, application-sensitive inspection processes that analyze network flows at Layers 4-7. The result is a more secure network including Web, voice, and 3G-mobile wireless access. To protect against application-layer attacks and to offer better control over the applications and protocols utilized in their networks, these inspection engines incorporate extensive application and protocol knowledge and employ protection enforcement solutions such as anomaly sensing and state tracking. Also incorporated are attack detection and remediation technology including application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide management of IM and tunneling applications, enabling businesses to enforce usage policies and recover network bandwidth for vital business processes.
For more details about Progent's support services for ASA 5500 firewalls, see Cisco ASA 5500 series firewalls integration and troubleshooting support.
Cisco PIX Firewalls
Based upon a tested, specialized operating system that offers a wealth of security services, PIX security appliances offer a high level of protection and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IP Security (IPsec) certification. Cisco PIX firewalls offer security for a broad range of VoIP and additional mixed-media conventions including H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), RTSP, and Media Gateway Control Protocol (MGCP), enabling organizations to safeguard installations of a wide array of contemporary and upcoming VoIP and video applications.
Administrators can furthermore remotely set up, monitor, and analyze PIX security appliances via a command-line interface (CLI). Safe command-line interface access is available using a number of methods including Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band via a console port. Cisco PIX firewall appliances also include dependable automatic-update capabilities, a set of advanced secure remote-administration options that ensure firewall configurations and software images are always up to date.
For additional information about Progent's consulting services for Cisco PIX security appliances, visit PIX firewalls integration and troubleshooting services.
Progent's Migration Support Services for Cisco Firewalls
Because Cisco has stopped offering the PIX and ASA 5500 product lines, many businesses are concerned about depending on a critical security mechanism that may no longer be supported by Cisco. ASA 5500-X and Firepower Series firewalls offer the advantage of being new products and also bring a number of functions and financial advantages in comparison to PIX 500 firewalls. These advantages include substantially higher performance, optional SSL tunneling support, and an expandable architecture that protects your investment by enabling you to add new security features when and if you need them. Progent's CCIE-certified experts can help you to determine the business case for upgrading from PIX 500 or Cisco ASA 5500 firewalls, create a migration plan that allows for a fast and non-disruptive upgrade, assist you to configure new ASA 5500-x Series or Firepower Series appliances, and provide online, consulting, and technical support services.
Other Ways Progent Can Assist Your Business with Cisco ASA and PIX Firewalls
Cisco's Firepower NGFW Series, ASA 5500 Series, and PIX family firewalls provide a wealth of setup, tracking, and analysis features that offer you the flexibility to deploy these security appliances to align optimally with your company's requirements. Progent's CCIE certified network experts can assist you to configure and support an efficient network infrastructure that includes Cisco security appliances and that offers advanced protection, resilience, performance, and manageability. Progent's GISA and CISSP-ISSP-certified IS security consultants can help your business to develop a security strategy appropriate for your situation and can configure your security appliance to enforce your security policies. Progent's risk assessment professionals can evaluate the effectiveness of your existing firewall solution and validate the security of your whole IS network. Progent's Technical Response Center (TRC) can deliver urgent remote technical support for Cisco products and offer quick access to a Cisco expert.
To see additional details concerning Progent's engineering assistance for Cisco products, pick a subject:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to contact Progent about professional assistance for Cisco products, call